The risk of the user downloading something dodgy and installing it is ... up to the user.

But exactly that is the point!
On my PC I'm using Avira Antivirus, which has caught and isolated infected files dozens of times, even from sources which seem reliable (e.g., the last couple of times, files for game ROMs for my RetroPie!)
The same goes for looking at email attachments!

Missed the point much. The Pi is not a PC. There are very few viruses that could infect it and most are based upon users not changing the password.

I wouldn't trust game ROM sites unless I personally knew the people who ran them, and even then I would run them on a non-critical system that I could wipe and re-image when needed.

Well, even antivirus software is not foolproof; it's only as good as the current definitions file, so relying on just that is not a good idea either.

I have a number of Pis, some running 24/7; none of them have antivirus software, nor do my 2 file servers, both running Linux, and I have not suffered a virus infection on any of them yet.

And to make a point about how you secure your PC: I have a PC that runs my CCTV system and serves the images to a web page that I can access from anywhere, and that's running Windows XP Pro with no antivirus. It's just so well locked down you can't access a drive or directory except from one machine on my local network using a specific user ID/password, and that's been running for 5 years without a virus infection.

We want information… information… information... no information, no help
The use of crystal balls & mind reading are not supported

...
And to make a point about how you secure your PC: I have a PC that runs my CCTV system and serves the images to a web page that I can access from anywhere, and that's running Windows XP Pro with no antivirus. It's just so well locked down you can't access a drive or directory except from one machine on my local network using a specific user ID/password, and that's been running for 5 years without a virus infection.

Playing Devil's advocate:

You hope. Without AV on the box, how do you know?

Even if the AV cannot clean the infection (esp. the ransomware type of attacks), they are handy to know you have an infection.

I do wonder, with some of the questions posted in the forums, if a breed of Pi-targeted malware will start to appear, aimed specifically at folk who just open ports on their router for one thing or another with no care or understanding.

Security is not a product you can buy and install and hope it takes care of everything.
Security is not an operating system that you may think is more secure than some other.
Security is an ongoing process of eternal vigilance. Of keeping your wits about you and being aware of impending threats.
Trusting your security to some AV company is as dumb as those hotels that trusted electronic locks on their room doors. (Google it)
Good news is that AV software can detect old threats.
Bad news is that it is the new threats that will get you.
Be prepared.

You are probably misunderstanding my point:
I am the one who distrusts advice like just having to change the password, and I am the one who fears that the suspected virus security of Linux is overestimated today (and even more so in the future), and therefore I am the one who thinks that further security is necessary now and in future, just as it is already common on Windows systems: that means the need for antivirus and anti-malware software, just like what is already available for Windows. Probably there is currently no such approved and failsafe security software available yet for Linux for exactly those reasons, but I think we'll see what will happen in the coming years if the number of common (non-IT, non-CS) Linux consumers increases quickly.

PS, as to "Bad news is that it is the new threats that will get you":
If new virus software or malware has been detected, the AV databases are quickly updated - unprotected users will be widely infected furthermore, whilst AV users are protected then.

Last edited by dsyleixa123 on Wed Jun 26, 2019 9:01 pm, edited 2 times in total.

When I first set it up I used to shut the system down, boot from a CD and run a full virus scan on a weekly basis. Over time it got stretched to a monthly check; now it's about twice a year. Never detected anything.

The file containing banned IPs has grown over the years, with most of Asia, Russia, USA and the rest of the world; basically UK-only addresses allowed.
The log files show very few visits now: mostly my internal IPs, and a few IPs of friends or relatives, or my phone service provider's IP.

Having it on a non-standard port helped a lot to reduce the number of people that attempted to connect.


Silex does not depend on any cunning virus-like mechanism that a traditional AV would look for. From your link:

"It's using known default credentials for IoT devices to log in and kill the system,"

It's a case of simply logging in to the device using the default password set on the device. No amount of AV software on your PC or Raspberry Pi would save you from that.

I will argue that in these cases, of which there have been increasingly many with the rise of IoT devices, the IoT device itself is the malware that you have invited into your home. Not the Silex or whatever.

We already have plenty of tools one can use to scan one's network and find open protocol ports and such rogue devices on one's network.

We already have plenty of tools one can use to scan one's network and find open protocol ports and such rogue devices on one's network.

A 1st step would be to gather them in a handy tool, conveniently usable by consumers, to scan and check their proprietary devices and fix all virus/malware/spyware issues (including things like Silex) automatically, optionally with user confirmation (ignore/quarantine/delete):
sudo ./avscan --all

Linux AV software is widely available and generally very useful when Linux is used on a server, because while most malware won't run under Linux, e.g. Windows or Mac malware can certainly be spread by e.g. a file or web server.

Unfortunately the A+ Antivirus apps are all x86-only because they usually use emulation to detect malware which isn't in the signature database. This emulation hasn't (by most vendors) been ported to Arm.

So you're really limited to signature-based detection, if the vendors even support that on Pi. This will detect old or ubiquitous malware, but not modern hazardous stuff.

If you want to host a file or web server for your organisation, I'd strongly recommend having something which completely forbids Windows executables from being hosted, because you cannot reasonably guarantee that they're not infected, and you don't want liability of spreading malware. Effective AV software is *NOT* available on the Pi (NB: someone please correct me if I'm wrong)
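An added example, not from the thread or any poster: one way to enforce the "no Windows executables" rule described above on a Pi-hosted share is to check file content rather than the extension. The function names and the sample bytes are constructed for illustration; unreadable files are refused as a fail-closed assumption.

```python
import io
import os
import struct

PE_SIGNATURE = b"PE\x00\x00"

def is_windows_executable(stream) -> bool:
    """True if the stream holds a DOS 'MZ' header whose e_lfanew field
    points at a 'PE\\0\\0' signature. The file name is never consulted."""
    head = stream.read(0x40)
    if len(head) < 0x40 or head[:2] != b"MZ":
        return False
    # e_lfanew: little-endian uint32 at 0x3C, the file offset of the PE header
    (pe_offset,) = struct.unpack_from("<I", head, 0x3C)
    stream.seek(pe_offset)
    return stream.read(4) == PE_SIGNATURE

def find_windows_executables(root: str) -> list:
    """Walk a served directory; return relative paths that must not be hosted."""
    hits = []
    for folder, _dirs, names in os.walk(root):
        for name in names:
            path = os.path.join(folder, name)
            if not os.path.isfile(path):
                continue  # skip sockets, FIFOs and dangling symlinks
            try:
                with open(path, "rb") as fh:
                    flagged = is_windows_executable(fh)
            except OSError:
                flagged = True  # assumption: cannot inspect, so refuse
            if flagged:
                hits.append(os.path.relpath(path, root))
    return sorted(hits)

def make_sample_pe() -> bytes:
    """Constructed, non-functional stub carrying only the two signatures."""
    header = bytearray(0x40)
    header[:2] = b"MZ"
    struct.pack_into("<I", header, 0x3C, 0x40)
    return bytes(header) + PE_SIGNATURE + b"\x00" * 4

SAMPLES = {  # constructed sample files
    "setup.exe": make_sample_pe(),
    "holiday.jpg": make_sample_pe(),  # executable hidden behind an image name
    "notes.txt": b"MZ is also how some plain text starts" + b" " * 40,
    "photo.png": b"\x89PNG\r\n\x1a\n" + b"\x00" * 64,
}

if __name__ == "__main__":
    for name, data in SAMPLES.items():
        print(name, is_windows_executable(io.BytesIO(data)))
```

This flags PE files (.exe, .dll, .scr and so on) whatever they are named; archives and installer formats such as .msi are not PE files and need their own checks.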

As stated, with this topic I am targeting not servers but consumer Linux PCs, e.g. from people who use their Pi 3 or 4 on the same non-CS level as they are used to with their Androids or Windows PCs, and who have no idea about how an OS works or not. This is becoming more important as now the Pi 4 is more a consumer PC than a SoC for computer scientists, professional programmers, or makers.